This is a starting point of best practices for hardening a production server. Topics include user accounts, an iptables firewall, SSH and disabling unused network services.
How to use two-factor authentication and other security controls in the Linode Manager.
Steps to take if your Linode becomes compromised by unauthorized parties.
Access your Linode via SSH using Public Key Authentication.
Generate a GPG key-pair, and convert it to an SSH key for authentication with your Linode.
Create a secure, LUKS-encrypted Debian Installation.
Install and configure OSSEC HIDS on Debian 7.
Use Fail2ban to block automated system attacks and further harden your server. Fail2ban monitors system logs for symptoms of an automated attack, bans the IP and alerts you of the attack through email.
Use Google Authenticator to enable two-factor authentication for SSH connections.
Use OATH to enable two-factor authentication for SSH connections.
Install OpenVAS 8 to scan your system for vulnerabilities.